
IIT Kanpur Hacker's Workshop 2004, 23, 24 Feb 2004

g - tools
  ADMIdPack
  Zodiac (http://www.packetfactory.com/Projects/zodiac)

Remote attacks (1) DNS poisoning - countermeasures
  YES - Use DNS with random transaction ID (Bind v9)
  YES - DNSSec (Bind v9) allows the digital signature of the replies.
  NO - Restrict the dynamic update to a range of IPs (they can be spoofed)

Remote attacks (2) Traffic tunneling
  [Diagram: Server, Router 1, GRE tunnel, Internet, Client, Fake host, Attacker, Gateway]

Remote attacks (2) Traffic tunneling - tools
  ettercap (http://ettercap.sf.net)
    Zaratan plugin
  tunnelX (http://www.phrack.com)

Remote attacks (2) Traffic tunneling - countermeasure
  YES - Strong passwords and community on routers

Remote attacks (3) ROUTE mangling revisited
  The attacker aims to hijack the traffic between the two victims A and B.
  The attack will collect sensitive information through:
    traceroute
    port scanning
    protoscanning
  Quite impossible against link state protocols.

Remote attacks (3) ROUTE mangling revisited
  Scenario 1 a (IGRP inside the AS)
  [Diagram: A, R1, B, R2]
  The attacker pretends to be the GW.

Remote attacks (3) ROUTE mangling revisited
  Scenario 1 b (IGRP inside the AS)
  [Diagram: A, R1, R3, B, R2]

Remote attacks (3) ROUTE mangling revisited
  Scenario 2 a (the traffic does not pass through the AS)
  [Diagram: AS 1, BGP, BG 1, AS 2, BG 2, BG 3, AS 3, RIP]

Remote attacks (3) ROUTE mangling revisited - tools
  IRPAS by Phenoelit (http://www.phenoelit.de/irpas/)
  Nemesis (http://www.packetfactory.net/Projects/nemesis/)

Remote attacks (3) ROUTE mangling revisited - countermeasure
  YES - Use routing protocol authentication

Conclusions
  The security of a connection relies on:
    proper configuration of the client (avoiding ICMP Redirect, ARP Poisoning, etc.)
    the other endpoint's infrastructure (e.g. DNS dynamic update)
    the strength of third-party appliances to which we have no access (e.g. Tunneling and Route Mangling)
  The best way to ensure secure communication is the correct and conscious use of cryptographic systems:
    both client and server side
    at the network layer (e.g. IPSec)
    at the transport layer (e.g. SSLv3)
    at the application layer (e.g. PGP)

Once in the middle…
  Injection attacks
  Key Manipulation attacks
  Downgrade attacks
  Filtering attacks

Injection attacks
  Add packets to an already established connection (only possible in full-duplex mitm)
  The attacker can modify the sequence numbers and keep the connecti...

This document was uploaded on 03/17/2014 for the course CS 393 at NYU Poly.
